+One thing we would like our authenticated application apart from preventing not logged users from accessing it, is to redirect to the intended url after the user logs in. So, let's suppose the user enters a bookmark, but he should not be able to access the content until he is logged in. We can program that like this:

+

+@example

+(defmethod handle-url ((application standard-application))

+ ; standard url handling and dispatching)

+

+(defmethod handle-url ((application authenticated-application))

+ (loop while (not (logged-in-user))

+ do (call 'login))

+ (call-next-method)) ;; handle the url after the user has been logged-in

+@end example

+

+Note that the original url is handled; that is good! And that it is necessary to start a new session even before the user has logged in; that's because we need to keep track of control flow (the loop continuation), and that needs an active session.